Analysis

  • max time kernel
    148s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:07

General

  • Target

    91e491aee6e44e81215720e70a33a82f_JaffaCakes118.html

  • Size

    18KB

  • MD5

    91e491aee6e44e81215720e70a33a82f

  • SHA1

    45368fba1c41f7d285c6e84ed1ef5c65750ec050

  • SHA256

    a6412479be27e07e577c1f9ae02d2347a2b9ac1b6039bc3871fdf64887af40cf

  • SHA512

    09178b1e0cf3e6053b4ae5ec821bc1b3942b8870b15093b7883729708514d414d277628bc92b55f15e6b6c61e1c4d457eb1844d5b1ce097eac8f9a0fd10c2bcc

  • SSDEEP

    384:SIMd0I5nvH4DnDf/JZxJ3aXoqsvW+ObxDB8:SE7DnDf/JZxJ3aXoqVNbA

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e491aee6e44e81215720e70a33a82f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2068 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2288

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd48e855adc15a36199f9df60da3c04f

    SHA1

    7f7b16e8e7b574f677de1e5d347c5fa02faa334b

    SHA256

    232d801cd0685264044dd6eead53fea324ea7bd479c250bd5f4a77aeaaee1034

    SHA512

    b0b912c27d3a98837a522d44a68ac6d5b0f6e31f0bef81605e0884d61dbd33a35ace45af7ec3027f01ba34a9ca8b44f47ecf396de8f3e23546b9dbedd10e850d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f3ba646848cd92f4f8a7ab51a62dd1b6

    SHA1

    92e681cea49ee0cd490004fc90ad9f8f80ea2787

    SHA256

    a2b39dc18e2e137c30b59b10caa14fc114f452737218e64a9a3c5c4bf2d7d04e

    SHA512

    dca8688ec634d5bd86437bc32e89b1c9930102b5aa7b0f6d3f476db84e3b67203b59d993afa97da833e4f0d83ee7d712c5b519dab401c182a51c27645e014593

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    57aa49f7e11848599acba804af3e47d1

    SHA1

    242fb542f662befb657d8221af0c55214dfb172b

    SHA256

    37476503de3c9be2ae4b9247f680b71fada06c57a6b48549673905c6af9f5dcf

    SHA512

    ab5c6522cae3937ba23b279b1c2938dff71c1b1a5a6053a2d4322454cd0b6c7509cd1facb2bae602698313c2d06050461cec201c046f571c3ccb7758550c8654

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7a700c770060b76ebf6404010af47f3a

    SHA1

    f023c3f24ff0a1f85e262fccd6d93a3a6ca4df5e

    SHA256

    3fc52c7d00b208d4d9eb2c8d52a3712c36f544366e2348da1bcf6733fba4f610

    SHA512

    3d99b022edcffc7d61ff809a4ac764632140a64dfb786fa4bec02d078ff4b9b2230d0e09841def657d1f65a35b861590f5c3821c8c22b2363272e23e6497121f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    35bd43bb86ff713d585aa21e7d7868c0

    SHA1

    ce13da6a3002069990c4bc2ba5b06db7af8a966b

    SHA256

    96fd89f97e3bbf25f3d8357ad7b3859f62001839676e44ab5d265aab25168699

    SHA512

    ba02e207252565049a44e999ba34187e6ddfad00aa7c951648222e6ff6572dda5589d1d0bdbf9c705a2456bf7a33fa32f0000d469f76700aeaf212b08af78aa5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f680e3bf9105ea333b370e623294359

    SHA1

    338469e26236f11de344e073dac72502951d7649

    SHA256

    5bbe3d6a59e89a58d18509ddc798ef76966d23ddd4fbf8149c03bf544c281b3d

    SHA512

    b7b8558c8e228213b47f24e3461cff3e7cb8dbfceec802660a975324e1aa531c39696e0a7ca3fbdbc2686a93601b762f3a4f6dafb314fc22bb93dfe2dd6a8f93

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d14e8b83b85e7c7eec77673aed3d00c9

    SHA1

    2a3d332a6cb5026fc86463b20d05c5e2ea0d0461

    SHA256

    5d34c663d2cff8c881535fbd3340261dc7c8e3159b71a46d8f0fcc7fe5c8c475

    SHA512

    a3444d8bab30bf9c2caf1333771428dadbcbb04a0bada742c9042a7ff982271e76dfa57de3b2790102a9feea3d9d3b7d51d31ae0934853ad65a81650f1d57361

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ffb336dcb8bfe01f98bd3d43c6064905

    SHA1

    57cf7732aadad4002e65656f7362c630893eea2e

    SHA256

    841686b8b497f11b1cc67163b9b3e858b4442b2d35760eff4345d29845eabafa

    SHA512

    b4d89238e38dbe0272cd055b8c223beb65714d5433dd87c8cfa40954a615928940cf3621d9bf2e2ff99998f0eb13f96f53bb022dd0a32680493231edbd4b4f6f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f25339babc6a0f8f77aa4fce36b2eefa

    SHA1

    72b0126391da7ee8d3e8c88d7d07dafb9462ab51

    SHA256

    139499f539c737b6425522bc3c1d8e7f9fe648ca68a280aa42537ff634649b83

    SHA512

    45752fec3e3631aa6d716f34627004ad513a66f4e0f4955ac7287b319076b6d5aa4837b0702d3a72242a4a9d22896ddf86a4553a8017b92de4662cb665d4326f

  • C:\Users\Admin\AppData\Local\Temp\Cab1DCF.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab1E3E.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1E53.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b